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The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )0 Responsive to communication(s) filed on 23 May 2000 . 
2a)0 This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-27 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) KI Claim(s) 1^27 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121 (d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§ 119 and 120 

12) Q Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d)or (f). 

aO All b)D Some*c)D None of: 

1 D Certified copies of the priority documents have been received. 

2.0 Certified copies of the priority documents have been received in Application No. . 

3-D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) Q Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1 .78. 
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III. Detailed Action 

1 . Claims 1 -27 are presented for examination. 



Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-6, 8-15, 17-24, and 26-27 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Gongwer et al (U.S. Patent 6,138,120 and Gongwer hereinafter) in 
view of Alegre et al. (U.S. Patent 6,199,1 13 and Alegre hereinafter). 

In regards to claims 1,10 and 19, Gongwer teaches a system for sharing a security 
context between different sessions on a database server (i.e. a system which formally 
supports the sharing of session, query, stored procedure, and transaction context across 
multiple, independent client applications) (col. 1, lines 58-61), comprising: 

receiving a request at the database server through a database session between the 
database server and an application on a database client (i.e. an originating application 
(client) connects to a data server and creates a session, specifying that the session be 
brand new, and that the new session can be shared by future client connections) (col. 1, 
lines 44-47); 

looking up an identifier for an application client that identifies a client of the 
application, the identifier having been previously associated with the database session 
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(i.e. the server recognizes the clients by assigning a respective identifier, called a session 
handle, to each client) (col. 2, lines 1-4); 

using the identifier to look up the security context (i.e. exclusive security data) for 
the application client within a storage area (i.e. Securityspace) associated with the 
database server (col. 4, lines 59-62); and 

wherein the security context includes attributes related to the application client 
(i.e. additional information which can be used, for example, by the security manager to 
authenticate clients) (col. 12, lines 33-35). 

Gongwer does not teach performing a database operation to satisfy the request; 
wherein performing the database operation involves enforcing access rights associated 
with the security context. 

Alegre teaches performing a database operation to satisfy the request (i.e. if the 
session key is still valid, access server performs the request) (col. 4, lines 63-63); wherein 
performing the database operation involves enforcing access rights associated with the 
security context (i.e. authentication database also stores user profile information that 
defines the types of access each user has to the resources on trusted network) (col. 6, lines 
29-31). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer with the teachings of Alegre 
to include performing a database operation to satisfy the request; wherein performing the 
database operation involves enforcing access rights associated with the security context 
with the motivation to achieve a higher level of security for a trusted network in order to 
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allow access by users on the Internet in a controlled and secure manner (Alegre, col. 2, 
lines 33-35). 

In regards to claims 2, 1 1 and 20, Gongwer teaches wherein the request includes a 
database query (i.e. transaction) directed to a database (figure 1, element 5) on the 
database server (figure 1, element 10). The Office infers that conducting a transaction 
with a database server comprises directing a query to the database. 

In regards to claim 3, 12 and 21 , Gongwer does not teach wherein performing the 
database operation involves modifying the database query to enforce access rights 
associated with the security context. 

Alegre teaches wherein performing the database operation involves modifying the 
database query to enforce access rights associated with the security context (i.e. the 
trusted network access presentation information is created based on the user access 
profile, and thus includes only selection for accessing resources that the user has access 
to) (col. 4, lines 44-47). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer with the teachings of Alegre 
to include wherein performing the database operation involves modifying the database 
query to enforce access rights associated with the security context with the motivation to 
achieve a higher level of security for a trusted network in order to allow access by users 
on the Internet in a controlled and secure manner (Alegre, col. 2, lines 33-35). 

In regards to claim 4, 13 and 22, Gongwer does not teach wherein the identifier 
for the application client identifies a user of the application that is sending the request to 
the database server. 
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Alegre teaches wherein the identifier for the application client identifies a user of 
the application (i.e. user ID [UID]) that is sending the request to the database server (col. 
4, lines 24-26). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer with the teachings of Alegre 
to include wherein the identifier for the application client identifies a user of the 
application that is sending the request to the database server with the motivation to 
achieve a higher level of security for a trusted network in order to allow access by users 
on the Internet in a controlled and secure manner (Alegre, col. 2, lines 33-35). 

In regards to claim 5,14 and 23, Gongwer teaches wherein the database client is 
an application server that is sending the request to the database server (i.e. the clients are 
preferably application programs. The application programs can be executing on common 
computer or on distinct computers) (col. 2, lines 32-34). 

Gongwer does not teach wherein the identifier for the application client identifies 
an application session between the application on the application server and the client of 
the application. 

Alegre teaches wherein the identifier for the application client identifies an 
application session between the application on the application server and the client of the 
application (i.e. the packet may be created by merely concatenating a web server 
identifier, speaker object identifier, or other identifier, to the session key and URL 
request received from the user). The Office infers that "other identifier" includes the use 
of an identifier of the application session between the application on the application 
server and the client of the application. 
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Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer with the teachings of Alegre 
to include wherein the identifier for the application client identifies an application session 
between the application on the application server and the client of the application with the 
motivation to achieve a higher level of security for a trusted network in order to allow 
access by users on the Internet in a controlled and secure manner (Alegre, col. 2, lines 33- 



In regards to claim 6, 15 and 24, Gongwer teaches receiving a request from the 
application to change the application session associated with the database session; and 
changing the application session associated with the database session (i.e. applications 
can create, and actively share a session) (col 11, lines 64-65). 

In regards to claim 8, 17 and 26, Gongwer does not teach wherein prior to 
receiving the request the method further comprises: receiving the security context for the 
application client from the database client; and inserting the security context into the 
storage area associated with the database server so that the security context can be 
indexed by the identifier for the application client. 

Alegre teaches wherein prior to receiving the request the method further 
comprises: receiving the security context for the application client from the database 
client (i.e. authentication server first receives the UID and PWD from login process as 
part of the initial login by the user at client browser) (col. 6, lines 24-27); and inserting 
the security context into the storage area associated with the database server so that the 
security context can be indexed by the identifier for the application client (i.e. 
authentication database stores information defining which users may access resources on 



35). 
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trusted network. Authentication database also stores user profile information that defines 
the types of access each user has to the resources on trusted network.) (col. 6, lines 29- 
33). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer with the teachings of Alegre 
to include wherein prior to receiving the request the method further comprises: receiving 
the security context for the application client from the database client; and inserting the 
security context into the storage area associated with the database server so that the 
security context can be indexed by the identifier for the application client with the 
motivation to achieve a higher level of security for a trusted network in order to allow 
access by users on the Internet in a controlled and secure manner (Alegre, col. 2, lines 33- 
35). 

In regards to claim 9, 18 and 27, Gongwer teaches further comprising allowing 
the application client to use the same security context through a second application and a 
second database session (i.e. sessHandle2) by: receiving a second request at the database 
server through the second database session with the second application (i.e. passing the 
received workspace handle (wsHandlei) to the session manager as part of its session 
initialization procedure); looking up the identifier for the application client, the identifier 
having been previously associated with the second database session: and using the 
identifier to look up the security context for the application client within the storage area 
associated with the database server (i.e. updating the mapping table for this session's 
entry to reference the Workspace of the originating client) (col. 12, lines 47-65). 
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3. Claims 7, 16 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gongwer et al (U.S. Patent 6,138,120 and Gongwer hereinafter) in view of Alegre et 
al. (U.S. Patent 6,199,1 13 and Alegre hereinafter) as applied to claims 5, 14 and 24 
above, in further view of Chatterjee et al. (U.S. Patent 6,243,751 and Chatterjee 
hereinafter). 

The teachings of Gongwer and Alegre have been discussed above. 

The combination of Gongwer and Alegre, however, does not teach further 
comprising facilitating connection pooling by periodically changing the application 
session associated with the database session in order to channel requests associated with 
multiple application sessions through the database session. 

Chatterjee teaches further comprising facilitating connection pooling by 
periodically changing (i.e. switching) the application session associated with the database 
session in order to channel requests associated with multiple application sessions through 
the database session (col. 3, lines 39-55). 

Therefore it would have been obvious to one of ordinary skill in the art at the time 
of Applicant's invention to modify the teaching of Gongwer and Alegre with the 
teachings of Chatterjee to include further comprising facilitating connection pooling by 
periodically changing the application session associated with the database session in 
order to channel requests associated with multiple application sessions through the 
database session with the motivation to allow more users to use a server than the number 
of connections established with the server (Chatterjee, col. 3, lines 25-27). 
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Other Prior Art Made of Record 

4. A. Lo et al. (US Patent No. 5,809,505) discloses a system and method for 
relational to object mapping; 

B. Bowman-Amuah (US Patent No. 6,556,659) discloses a system for service 
level management in a hybrid network architecture; and 

C. Carpenter (US Patent No. 6,199,068) discloses a mapping interface for a 
distributed server to translate between dissimilar file formats. 

Conclusion 

5. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 



Points of Contact 

6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Edel H Quinones whose telephone number is 703-305- 
8745. The examiner can normally be reached on M-F (8:00AM-5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheik can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703- 305 - 37 18. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 



Application/Whtrol Number: 09/577,220 
Art Unit: 2131 



Page 10 




Edel H. Quinones 
Patent Examiner 
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